Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall: v21.0 GA: Feedback and experiences

Release Post:  Sophos Firewall v21 is Now Available 

Release Notes: docs.sophos.com/.../sf_210_rn.html

Early Access EAP Thread:  Sophos Firewall: v21.0 EAP1: Feedback and experiences (EAP Thread) 

To make the tracking of issues / feedback easier: Please post a potential Sophos Support Case ID within your initial post, so we can track your feedback/issue.   

Only XGS Hardware is supported - Not XG/SG Hardware. Sophos Home is excluded, as it uses Software, which is supported. 

Firmware update from the CM will be available after the firmware is available to all. Please refer to the standard update process.

Firmware update on Sophos firewall requires a valid support subscription (of any type - paid or trial) after the first 3 free firmware updates.

Parents Reply Children
  • in this case UTM killed the connection each time:

    DPD: No response from peer - declaring peer dead

    DPD: Terminating all SAs using this connection

    On the XGS side there is zero load because this setup is prepared but not yet in use. Maybe after the upgrade to v21, there is so little traffic, the UTM thought the tunnel was dead.

    The support suggested to enable DPD (dead packet detection) only on the initiator side, which are always the remote XGS's. We've had this enabled on UTM also and were advised to disable it there. Done - only 2 reconnects today. Not 15. Still checking about the 2 remaining disconnects.